Web attacks and targeted threats are taking over from email spam as the main vehicles for malware, according to security vendor Symantec’s annual threat report.

The percentage of all email that is spam fell from 88% in 2010 to 75% in 2011, the report found. Symantec attributed this decrease to the closure of the Rustock botnet, led by software giant Microsoft. The report suggested that social networks are becoming more popular as a malware vector, although no statistics were available.

Symantec blocked 5.5 billion malicious attacks in 2011, up 81% from 3 billion the previous year, the report revealed. Web-based attacks (as supposed to email-borne malware) were up 36% over the same period.

It also reported a slight increase in "targeted attacks", or advanced persistent threats (APT), wherein malware is customised to inflitrate a specific target, albeit by just 6%.

The attacks were aimed at organisations at the extreme ends of the size spectrum. Companies with more than 2500 employees were targeted in half of all APTs seen by Symantec, while those with less than 250 employees saw 18% of APT attacks. Symantec suggested this represented hackers going after "lower hanging fruit".

Symantec also found that 187 million identities were stolen through hacking in 2011, with a further 45 million lost on misplaced USB keys or stolen laptops. This tallies roughly with the figure in US telco Verizon’s latest security report, which found that 174 million "records" stolen by online criminals in 2011.